Pedro Zinner, Head of Corporate Risk Cia. Vale do Rio Doce (CVRD)
CVRD first embarked on a project to implement a risk management strategy in 2004, launching it by dedicating staff and other resources to assessing primarily market risks. This initiative evolved into what has become a wholesale change in mindset as to how risk management issues are evaluated and handled at the company, encompassing not only market risk but also credit and operational risks and involving the identification of primary risk-management objectives and strategy; the review of corporate governance as it involves risk management issues; and the establishment of a risk-management committee at the executive board level. This article will highlight how this process was implemented at CVRD and provide some insights into the company’s future direction on risk management: a focus on enterprise risk management (ERM).
The Company
CVRD is the world’s second-largest diversified metals and mining company and the largest metals and mining company in the Americas. With a market capitalization of $100 billion on May 5, 2007, it is also one of the largest private-sector companies in Latin America. CVRD is the world’s largest producer and exporter of iron ore and pellets and one of the world’s largest producers of nickel. The company also produces copper, manganese, ferroalloys, bauxite, precious metals, cobalt, kaolin, potash and other products. To foster growth, CVRD is actively engaged in mineral exploration efforts in 19 countries. The company operates large logistics systems in Brazil, including railroads, maritime terminals and ports that are integrated with the mining operations. Directly and through affiliates and joint ventures, CVRD has major investments in the aluminum, coal, energy and steel businesses.
CVRD is exposed to different types of risk, including, but not limited to, operational, credit and market risks. Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. Credit risk arises from the commercial relationship with the clients and financial institutions. Market risk arises from the volatility of prices for the products CVRD sells (including iron ore prices, nickel prices, aluminum prices, copper prices), and exposure to energy prices, FX and interest rates.
In the past, risk-management decisions were decentralized in the company and, although risk was efficiently managed by each business unit, there was no coordinated process for risk management with defined goals and objectives to mitigate exposure. In 2004, CVRD established a risk management unit, to provide a holistic and integrated view of risks across the enterprise. The decision was driven, among other reasons, by: entrance into more volatile markets such as copper and nickel; compliance with Sarbanes-Oxley; and management’s decision to improve corporate governance.
At the beginning of the project, the risk management unit comprised six people. With the implementation of an integrated risk management system, along with the formation of policies and procedures to support its effective functioning, CVRD took a second step in the development of its ERM approach, concentrating its efforts on addressing credit and operational risk. Significant resources and time were allocated to this new phase and the risk management unit now encompasses market, credit and operational risk, with a dedicated team of approximately 18 people.
Principles
Before CVRD could establish or implement a new risk management policy, the company had to first define its risk management principles and objectives. This was drawn together from a combination of an internal analysis of risk at the company and a comprehensive benchmarking analysis of best practices among corporations worldwide.
One of the first things CVRD saw was that risk management strategies and policies have to be closely linked to a company’s business strategies as well as its competitive position in its industry and to shareholders’ needs and appetite for risk. For example, at CVRD, risk management strategies and policy parameters are increasingly being driven by a formal quantification of risk capacity through the modeling of future cash-flows under various market price scenarios.
CVRD’s capacity for risk and subsequent conclusions about the need for market risk mitigation are also based on its ability to maintain certain financial ratios, and thus its target credit rating, under various market scenarios, both deterministic and probabilistic. The company defines an appropriate level of risk as the level of projected future cash-flow that is consistent with its risk appetite, which in turn is determined according to CVRD’s target credit rating.
Another principle of risk management at CVRD is to give management access to a range of potential risk mitigation actions, including the implementation of a systematic hedging program; the postponement of investments; increased debt or access to bank credit lines; raising new equity; reducing dividend payments or contracting committed credit facilities. The risk management unit evaluates any particular action management may choose and considers the impact on cash-flow and the potential opportunity cost implied in any given action.
Objectives
CVRD’s overriding objective for its market risk management program is to support two broader corporate objectives: to achieve sustainable cash-flow/earnings growth and to maintain acceptable financial security and flexibility.
To some extent, CVRD’s growth objectives are constrained by the availability of financial capital, and the cash-flow risk capacity, to finance growth. Since financial capital requirements are partly influenced by risk, including market risk, an important objective for market risk management is to ensure that the level of risk at CVRD does not unduly constrain growth opportunities.
CVRD aims to position itself among the world’s top three diversified mining companies. As such, the company’s risk management program must ensure that the company does not keep excessive or overly conservative levels of financial capital or future cash-flows, thus financing risk at the expense of growth-generating investments. It also must ensure that opportunities to enhance cash-flows through strategic investments in key markets are identified and exploited. Lastly, it must also make sure that any M&A transactions are consistent with the company’s risk strategy and stakeholders’ risk appetite and will not compromise cash-flow.
The risk evaluation and management program has to ensure, at all times, that any risk arising from business decisions, including market risks, are ones that the company is able to bear. An important objective for risk management is therefore to ensure that the level of risk at CVRD does not threaten financial distress, or give rise to circumstances in which adverse or costly actions may be required to avert financial distress. It must also ensure that the level of incremental risk incurred in pursuing opportunities is both limited and adequately compensated by corresponding returns. Lastly, it must also make sure that the overall level of risk assumed is commensurate with the company’s appetite for risk.
Strategy
This is how CVRD puts into practice the principles and objectives of its market risk management program.
Cash-flow at Risk
CVRD regularly measures and monitors risk by calculating Cash-flow at Risk (CFaR), both at a business unit and at a company-wide level. The company applies the resulting knowledge of its portfolio in areas such as risk attribution and the impact of diversification to enhance the ongoing management of this portfolio.
CVRD group market-risk exposures, when considered together, create a diverse portfolio of risks exhibiting significant diversification benefits. The capture of the correlation of the identified risks and the evaluation of natural hedges in the portfolio reveals that the portfolio level CFaR is substantially less than the sum of the CFaR from individual business units. Recognizing this, the principle of measuring and managing market risk at the portfolio level (rather than only in individual business units or risk ‘silos’) drives CVRD’s market risk management approach.
Implementation of a portfolio market risk management approach requires ongoing modeling of the future annual cash-flows and end of year cash-flow balances generated from CVRD’s business portfolio (encompassing all US GAAP companies) and the calculation of the probabilistic (at an agreed level of confidence) impact of market risk on these projections.
CVRD will eventually also need to implement a “market risk mitigation strategy” to ensure that projected future cash-flows (and financial strength) under adverse market risk scenarios remains consistent with approved target levels. Although the core risk management strategy is to rely on CVRD future cash-flow generation to absorb market volatility, it is recognized that there may be circumstances (such as following a major acquisition, a change in the underlying operational risk profile, or where market moves greatly exceed those projected under adverse modeling scenarios) that require the implementation of a risk mitigation strategy.
Hedging
CVRD hedges its market risk when it is considered necessary to support its corporate strategy while maintaining its target level of financial strength and flexibility. Hedging, however, is only one of several risk mitigation strategies and therefore is not “automatically” undertaken. The pillar of CVRD’s market risk management strategy is to rely on the internal portfolio diversification (“natural hedges”) and on the strength of the company’s projected cash-flow balances to absorb residual cash-flow volatility at the portfolio level.
The strategy of not “automatically” hedging the company’s portfolio market risk exposures in derivatives markets is also supported by the facts that:
• hedging is only one available tool for mitigating future cash-flow exposures and may, especially given CVRD’s large proportion of “non–hedgeable” exposures (those associated with iron ore prices which are not considered commodity prices), be less effective than other mechanisms
• conventional corporate finance theory questions the value to shareholders of hedging risk at the company level
• systematic hedging is likely to incur opportunity costs.
Consistent Risk Assessment
CVRD applies a consistent risk assessment approach – with formal consideration of key market variables (prices, exchange rates and interest rates) and associated market risks – across its key corporate functions. These include:
“Strategic Planning” which establishes CVRD’s strategic guidelines from a portfolio perspective and considering risk-reward trade-offs. An evaluation of the risk profile of CVRD’s business portfolio and projects is conducted and mitigation strategies developed.
“Investment Evaluation” considers the elements of and the relevant analysis for the evaluation of market risks associated with capital expenditure projects. The alignment of projects to business strategy and risk management philosophy creates a visible link between the aim of the project and its intended benefits on a risk-return perspective. It also allows projects to be compared to each other based on a “common currency”.
The “Funding Plan” evaluates the impact on cash-flows of different debt portfolios and proposes the optimum debt profile considering the risk-reward trade-off. It also provides an analysis of the probabilistic distribution of selected financial ratios to determine the probability of any downgrade/upgrade to the company’s rating.
“M&A” assist in the due diligence process, evaluating the consistency of information provided, carrying out simulations for different scenarios, proposing the optimal funding structure on a risk-reward basis and considering the impact of the acquisition in the company’s portfolio/cash-flows.
“Financial Planning” establishes a stochastic cash management approach in the evaluation of the company’s cash needs during the year.
Comprehensive Disclosure
CVRD provides its stakeholders with comprehensive disclosure on risks and risk management activities. Transparency is one factor that has a clear impact on investor/creditor/rating agencies perceptions of corporate valuations and/or financial strength. Market regulators such as accounting standards bodies and the SEC are also strengthening disclosure requirements all the time. CVRD believes there is considerable value in being proactive in this area and will adopt clear lines of communication with key stakeholders as a consequence.
Organizational and Governance Framework
Market risk management is ultimately the responsibility of all executives, managers and employees and should be integrated into all business activities and systems. However, the board of directors is responsible for the approval of risk management policies. To ensure consistency and corporate wide compliance with developed methodologies and policies, oversight of the risk function will be the responsibility of the executive risk management committee (ERMC).
The ERMC is composed of three executive directors and two department directors and is charged with responsibility for:
• recommending or issuing opinions on the processes for identification, measurement, reporting and managing risks to which CVRD might be exposed;
• assessing and issuing an opinion concerning the implementation of an integrated risk management system in CVRD and seeking solutions, whenever required, to safeguard the efficiency on the implementation thereof;
• recommending market-risk mitigation strategies (including but not limited to hedging) whenever necessary to adequate the level of risk to the acceptable level for CVRD.
Integration Across Risks
After finishing the process of implementing new market risk, credit risk and operational risk management procedures and practices, it will be necessary to consolidate the measurement of risk across types. Enterprise-wide risk measurement, after all, is a virtual necessity for enterprise-wide risk management.
Conclusion
With the heightened focus on risk management, it has become increasingly clear that traditional risk management approaches do not adequately identify, evaluate and manage risk at the corporate level. Under CVRD’s enterprise risk management approach, the company focuses on integrating risk management with existing management processes, identifying future events that can have both positive and negative effects and evaluating effective strategies for managing the organization’s exposure. ERM is transforming our risk management strategy into a proactive, continuous, value-based, broadly focused and process-driven activity approach.